ยซ Changelog History


Cacti v1.2.8 Release Notes

Release Date: 2019-12-09 // over 4 years ago

  • ๐Ÿš€ Release of Cacti 1.2.8

    ๐Ÿ‘ Thank you everyone who are using Cacti and especially those helping to make Cacti better!

    For additional details check out the README located on GitHub.

    IMPORTANT: This release addresses two CVE's that were reported. For more information see the changelog.

    Contribute

    ๐Ÿ‘ Active development of Cacti is located on GitHub! Join us in making Cacti better, submit issues, fork and submit pull requests!

    ๐Ÿ”„ Change Log

    • ๐Ÿ”’ security#3025: CVE-2019-17357 When viewing graphs, some input variables are not properly checked (SQL injection possible)
    • ๐Ÿ”’ security#3026: CVE-2019-17358 When deserializating data, ensure basic sanitization has been performed
    • ๐Ÿ”’ security#3066: When using HTTPS, secure cookie to prevent potential weakness
    • issue#1228: Any tree or branch with a long name force main content off screen
    • issue#2133: Long snmp_indexes are being cut off
    • issue#2888: Long hostnames cause template filter to go off page
    • โšก๏ธ issue#2987: Changing Color Template does not update Aggregate
    • issue#2989: Allow Remote Data Collectors to maintain their own path variables
    • issue#2991: Cacti Statistics device template can generate unexpected errors
    • issue#2995: When editing a report, column setting may be ignored incorrectly
    • issue#2996: When editing a user, graph options do not properly reflect previously saved settings
    • ๐ŸŽ issue#2998: Session performance issues due to excessive use for database storage
    • issue#2999: Blank arguments can lead to extra spaces in script arguments
    • โš  issue#3006: Boost generates undefined variables warning during poller run
    • ๐ŸŒฒ issue#3011: i18n logging does not check write permission exists
    • issue#3012: When viewing realtime graphs, some input variables are not properly checked
    • issue#3013: Allow legends to be modified for Aggregate Graphs
    • issue#3017: Automation network range with spaces fails validation
    • issue#3019: User selected language is not always adhered to
    • issue#3021: Tree view cuts off at the bottom of page on modern theme
    • issue#3023: When clicking highlighted tab, side panel is not always shown/hidden correctly
    • issue#3027: Aggregate Graph re-ordering does not work
    • issue#3028: When zooming a graph, unable to reach edge of graph without losing focus
    • issue#3030: Pace continues to run even after a page is finished rendering
    • issue#3032: Graphs may select MAX instead of AVERAGE as consolidation function even if there is no item with MAX present.
    • ๐Ÿšš issue#3035: When editing a tree, can not remove entries due to CSS bug
    • issue#3037: When emptying poller output using cli, debug functions are not properly included
    • ๐Ÿ“ฆ issue#3039: Allow packagers to be able to specify an alternate location of csrf-secret.php file
    • issue#3040: When running automation, discovery can still run even if cancelled
    • issue#3041: When running automation, scans do not always respond to being cancelled
    • issue#3042: When running automation, scan can fail when selecting remote pollers
    • issue#3045: When viewing Aggregate Graphs, an error due to undefined referrer may occur
    • issue#3047: When saving settings, ignore remote pollers who have not checked in recently
    • issue#3050: When viewing graph trees, some input variables are not properly checked
    • ๐ŸŽ issue#3052: When editing CDEF's, slow database performance can occur
    • issue#3053: When viewing graph thumbnails, some input variables are not properly checked
    • โฌ†๏ธ issue#3055: During install/upgrade, database tests are not performed correctly
    • issue#3059: When using nth_percentile, correct value is not always returned if using MAX consolidation
    • โฌ†๏ธ issue#3060: When upgrading from older MySQL databases, format is not changed from compact to dynamic
    • issue#3061: When running automation, allow SNMP to be used as a ping method
    • issue#3068: When administrating users, some input variables are not properly checked
    • ๐ŸŒฒ issue#3070: Improve database logging when a crashed table is encountered
    • issue#3073: Automation network range does not always produce the correct start/end values
    • โš  issue#3078: When viewing graph debug from remote data collector, File Not Found warnings can appear incorrectly
    • issue#3079: Allow domain names to be stripped from a device's long description
    • โš  issue#3080: Remote Agent throws warnings that graph_nolegend has not been sanitized
    • issue#3085: When editing a poller, ensure each listening IP is unique
    • issue#3081: External Links are not showing a glyph when they appear on the Console menu
    • issue#3089: When viewing graphs in realtime, undefined variable can be logged for 95th Percentile graphs
    • ๐Ÿง issue#3099: Graph template 'Linux - Memory Usage' has the wrong unit on its vertical_label
    • issue#3101: Polling times can be slightly inconsistent due
    • ๐Ÿ‘€ issue#3104: When viewing graphs, a byref error can be seen in the error logs
    • issue#3105: When viewing hosts, some input variables are not properly checked
    • ๐Ÿ’ป issue#3111: When adding devices via command line, bad SNMP versions are not reported
    • issue#3112: When zooming on Graphs, too many requests are being made causing slowness
    • ๐Ÿ‘ issue#3114: Support for USB devices that change name due to their hosts restarting
    • issue#3118: When converting tables, the dynamic row format should be selected
    • โฌ†๏ธ issue#3119: Main Data Collector should perform a Full Sync whenever it is installed/upgraded
    • issue#3120: Correct issues causing incompatibility with PHP 7.4
    • issue#3121: When converting tables during install, show what will be changed
    • โฌ†๏ธ issue#3123: Named colors table is not properly imported/upgraded
    • issue#3124: When a second data collector is added, boost is not enabled automatically
    • issue#3128: i18n handler checks for existence of wrong mo file
    • issue#3129: Logout repeated occurs even when already logged out
    • issue#3132: Installer fails to continue if automation range is array of networks
    • ๐Ÿ”‹ feature#3077: Allow disabling remote poller resource cache replication to support upgrade testing

    *** Reporting Issues ***

    http://www.cacti.net/issues.php

    *** Download Cacti ***

    http://www.cacti.net/download_cacti.php

    *** Download Spine ***

    http://www.cacti.net/spine_download.php

    Thanks!
    The Cacti Group